[zeromq-dev] Implementing a ZAP handler in C#

Robert Pickering robertfpickering at fastmail.com
Tue Jul 28 16:24:47 CEST 2015


Finally got to the bottom of this. It seems when you try and decode a
Z80 encode key, represented using .NET's native string, class, the
decode function decodes string to a byte array correctly, it then
re-encodes these bytes as a string:

		public static string Decode(string strg)
		{
			return Decode(strg, ZContext.Encoding);
		}

		public static string Decode(string strg, Encoding
		encoding)
		{
			byte[] bytes = encoding.GetBytes(strg);
			byte[] encoded = Decode(bytes);
			return encoding.GetString(encoded);
		}

This recoding always seems to corrupt the key in some way. The default
encoding is UTF8, so presumably because the data is random this means
some invalid byte sequences are generated. (Originally I was trying to
decode the string as ASCII, which would mean any bytes > 128 would
become corrupted, but even when I try decoding with UTF8, the key often
still gets corrupted).

I have changed all return types for decode methods in the clrzmq4
library to return a byte array. The example now works as expected once
this change is in place. I'll send a pull request over with the change.

Rob

On Fri, Jul 24, 2015, at 05:36 AM, Robert Pickering wrote:
> Here are the logs from the hw example. There"s a log from a successful
> run with no encryption and a log from a failed run with the curve
> encryption enabled:
> https://gist.github.com/robertpi/2424193e35d67bcd0b70
> 
> The log messages I added can be seen here:
> https://github.com/robertpi/libzmq/commit/eda22e7b234d7fc2c7b9957f6a853f80864d390b
> 
> Looking at the logs it seems the problem maybe in the client. In the
> plain cases after a successful handshake the client calls into
> zmq::stream_engine_t::process_handshake_command straight after the hand
> shake finishes. In the curve case there's no more data in the buffer
> (the call to tcp_read returns  -1) so the zmq::stream_engine_t::in_event
> exits and no further processing takes place. What data should be
> returned to the client after a sucesful handshake?
> 
> Are there any existing examples that work use curve encryption with
> libzmq directly, not going via czmq? If not I'll try and port my C# code
> to C that uses libzmq.
> 
> Thanks,
> Rob
> 
> On Fri, Jul 24, 2015, at 04:38 AM, Robert Pickering wrote:
> > The next thing I tried was porting the code to the hw sample, so see if
> > the problem was specific to sub/pub or not. The hw sample doesn't work
> > either, so the problem is not specific to sub/pub as I thought:
> > https://gist.github.com/robertpi/224d834bc04e42f6cf23
> > 
> > I'll try porting the code to the libzmq directly. I also tidy up my
> > debug logs and publish them.
> > 
> > Thanks,
> > Robert
> > 
> > On Thu, Jul 23, 2015, at 09:41 PM, Arnaud Kapp wrote:
> > > Hello,
> > > 
> > > The authentication should happen automatically if the socket has the
> > > correct option configured (curve server flag, and a private key /
> > > public key).
> > > I am not aware of any limitation of the authentication / security code
> > > when using PUB/SUB. It should work.
> > > 
> > > I am not familiar enough with C# to know if there is something wrong
> > > with your code, but it looks ok.
> > > Are you able to get this to work using the libzmq C API?
> > > 
> > > On Thu, Jul 23, 2015 at 7:16 PM, Robert Pickering
> > > <robertfpickering at fastmail.com> wrote:
> > > > I've been continuing to look at this today. To investigate further I
> > > > build my own version of libzmq and added some debug code. What I think I
> > > > see is the handshake in zmq::stream_engine_t::in_event is successful but
> > > > in the sub/pub model the client sends no further data so there's nothing
> > > > to trigger the ZAP handler. Is there anyway to force authentication to
> > > > take place? Or is curve security just not an option with the sub/pub
> > > > model?
> > > >
> > > > Thanks,
> > > > Rob
> > > >
> > > > On Wed, Jul 22, 2015, at 04:54 PM, Robert Pickering wrote:
> > > >> I'm trying to implement a ZAP handler in C#. I've updated the patho
> > > >> sub/pub example to include curve cryptography and tried to add a ZAP
> > > >> handler in the publisher. Here's a gist of what I have so far:
> > > >> https://gist.github.com/robertpi/a140eaa62378c14678ad
> > > >>
> > > >> Basically in the publisher I bind a REP socket to
> > > >> inproc://zeromq.zap.01. I then set the ZMQ_CURVE_SERVER and
> > > >> ZMQ_CURVE_SECRETKEY on the publisher, while on the client I
> > > >> ZMQ_CURVE_SERVERKEY to be the servers public key, and set it's
> > > >> ZMQ_CURVE_PUBLICKEY and ZMQ_CURVE_SECRETKEY to be the clients
> > > >> public/secret key.
> > > >>
> > > >> Before I sent up the curve options the messages follow and the example
> > > >> works just fine. After I set the curve options the messages stop
> > > >> following. I was expecting my ZAP handling method to be called, so I
> > > >> could respond with with whether the client is valid or not, but it seem
> > > >> the ZAP handler never receives a message.
> > > >>
> > > >> I feel I'm missing some simple step to enable the ZAP handler. Do I need
> > > >> to send messages to inproc://zeromq.zap.01 to enable the ZAP handler? I
> > > >> see some examples set a verbosity option and an IP filter, are these
> > > >> messages that need to be sent to inproc://zeromq.zap.01? Or are they
> > > >> values that need to be set somewhere else?
> > > >>
> > > >> Many thanks for any help!
> > > >>
> > > >> Rob
> > > >>
> > > >> --
> > > >>   Robert Pickering
> > > >>   robertfpickering at fastmail.com
> > > >> _______________________________________________
> > > >> zeromq-dev mailing list
> > > >> zeromq-dev at lists.zeromq.org
> > > >> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> > > > _______________________________________________
> > > > zeromq-dev mailing list
> > > > zeromq-dev at lists.zeromq.org
> > > > http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> > > 
> > > 
> > > 
> > > -- 
> > > Kapp Arnaud - Xaqq
> > > _______________________________________________
> > > zeromq-dev mailing list
> > > zeromq-dev at lists.zeromq.org
> > > http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> > _______________________________________________
> > zeromq-dev mailing list
> > zeromq-dev at lists.zeromq.org
> > http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev



More information about the zeromq-dev mailing list